Campbellsville University ISO Affect the Standards for Network Security Paper & Discussions


What do you think were the critical factors that fueled the need for IT governance? In what ways did ISO affect the standards for network security?


Student 1:

Discussion 6 – IT Governance

There are some critical factors that fueled the need for IT governance. Initially, IT systems supported business processes in silos. As the business processes evolved there was a changing need for the IT systems to support the new business processes that are interlinked. Hence, IT systems needed to be integrated to each other. This added complexity to these systems. Now the IT organization had to consider application integration, this means application build with different languages must be able to integrate. If an application is updated, it needs to be checked for integration testing (

Next, as the business becomes more and more dependent on IT systems, IT systems have started storing critical data. To ensure that critical data of the business is accessible to only authorized individuals IT governance has become important. Further, there may be certain individual that may need view access to the data and some individuals that need edit access to the data. Hence, providing different levels of access to different individuals is also made possible because of IT governance (

Finally, to ensure data security we need IT governance. If there is no IT governance, the data of the company may not have rules of governance and storage. Thus, there may be duplicate data available on a flash drive or an open system. This may bring risk to the company operations. Thus, we need IT governance (


Standards. (n.d.). ISO.

Student 2:

Factors for IT Governance

In recent years, various organizations have cooperated with IT in their management systems, and several critical factors across the sector fuel this. According to research work and projects, they indicate several reasons that necessitated such move in governance within companies and parastatals. For example, the executive and the entire leadership in organizations who had the urge to adopt modern technology in making critical decisions played a significant role in implementing the proposal (Van Grembergen & De Hales, 2017). Also, the management embarked on proper communication, education, and training of workers on the new aspects of technology. In the long run, such actions equipped the workforce with the right skills to operate on the machines, thus embracing the IT systems within the organizations.

Another factor that drove the agenda is the separation of roles and responsibilities among the workforce. For instance, the management assigned specific roles to different departments within the organizations, creating an enabling environment for easy supervision of the work. Also, each department had a team leader who rallied the members to the course for realizations of the required results. Lastly, regular evaluation and measurement of the assigned projects were key in ensuring service delivery within the organizations (Van Grembergen & De Hales, 2017). Within a specific period, the assessment would be done by a team of experts to ascertain the progress and emerging issues that needed the management’s attention for the success of the projects.

Effects of ISO on Network Security

Additionally, with the emergence of ISO standards in technology and networking, several benefits have been realized by organizations. First, international standards are mandated to provide supplies for creating, maintaining, and constantly improving systems within information security (Mirtsch et al., 2020). Similarly, it assisted in regulating the activities in the information sector, thus controlling the cybersecurity menace across the world. As a result, the concerned body adopted common rules and guidelines, which the organizations and key players accepted globally, which made the process succeed in the long run.


Mirtsch, M., Kinne, J., & Blind, K. (2020). Exploring the adoption of the international information security management system standard iso/iec 27001: A web mining-based analysis. IEEE Transactions on Engineering Management, 68(1), 87-100.

Van Grembergen, W., & De Haes, S. (2017, January). Introduction to IT governance and its mechanisms minitrack. In Proceedings of the 50th Hawaii International Conference on System Sciences.